Privacy Policy

Effective Date: April 29, 2026 | Last Updated: April 29, 2026

This Privacy Policy describes how Wings Over ("we," "us," "our," or "the Company") collects, uses, discloses, and protects your personal information when you visit our website at wings-over.top, place orders, interact with our services, or otherwise engage with us. Please read this policy carefully. By using our website or services, you agree to the practices described in this Privacy Policy.

We are committed to protecting your privacy and handling your personal data responsibly, transparently, and in compliance with applicable United States federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other relevant consumer protection regulations.

1. About Us

Wings Over is a food service business operating in the United States. We provide food ordering, delivery, and related services to customers through our website and other channels.

Company Name	Wings Over
Website	wings-over.top
Email Address	[email protected]
Location	United States

For all privacy-related inquiries, please contact us using the information provided above or as detailed in the Contact Us section at the end of this policy.

2. Information We Collect

We collect various types of information in connection with your use of our website, services, and products. This information is collected in different ways and for different purposes as outlined below.

2.1 Personal Identification Information

When you create an account, place an order, subscribe to our newsletter, or contact us, we may collect the following personal identification information:

Full name — to identify you and personalize your experience
Email address — for order confirmations, communication, and marketing (with your consent)
Phone number — to facilitate order fulfillment and delivery coordination
Billing and delivery address — to process payments and deliver your food orders
Date of birth — where required for age verification purposes
Username and password — to enable secure account access
Profile preferences — such as favorite meals, dietary restrictions, and past order history

2.2 Payment and Financial Information

When you make a purchase through our website, we collect payment information necessary to process your transaction. This includes:

Credit or debit card details (processed securely through third-party payment processors)
Billing address associated with the payment method
Transaction history and purchase records

Please note that we do not store full credit or debit card numbers on our servers. All payment card data is handled by PCI DSS-compliant third-party payment processors.

2.3 Usage and Behavioral Data

When you visit our website or use our services, we automatically collect certain usage data, including:

Pages viewed and time spent on each page
Clickstream data (how you navigate through our site)
Search queries entered on the website
Menu items viewed, added to cart, or ordered
Referral URLs (the website or source that led you to our site)
Date and time of your visits
Session duration and frequency of visits

2.4 Device and Technical Information

We may collect technical information about the device and connection you use to access our website, including:

IP address
Browser type and version
Operating system and device type (desktop, mobile, tablet)
Screen resolution
Device identifiers
Language settings
Internet service provider (ISP) information

2.5 Location Data

We may collect approximate or precise location data in order to facilitate delivery services, show you nearby specials, or improve your user experience. Location data may be collected through:

IP address geolocation
GPS data from your mobile device (only with your explicit permission)
Delivery address you provide at checkout

2.6 Communications and Feedback

If you contact us via email, phone, or through our website's contact form, we collect:

The content of your message or inquiry
Your contact details
Records of correspondence
Reviews, ratings, and feedback you submit about our products or services

2.7 Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, and similar tracking technologies to enhance your experience on our website, analyze traffic, and deliver relevant content. For more detailed information, please see Section 9 – Cookie Usage of this policy.

3. How We Use Your Information

We use the personal information we collect for several legitimate business purposes, including but not limited to:

3.1 Service Provision and Order Fulfillment

Processing and fulfilling your food orders
Coordinating delivery and pickup logistics
Sending order confirmations, receipts, and updates
Managing your account and preferences
Responding to your inquiries and providing customer support
Processing refunds, exchanges, or complaints

3.2 Analytics and Service Improvement

Analyzing website traffic and user behavior to improve our platform
Conducting internal research and product development
Testing new features and improving existing functionality
Monitoring and preventing technical errors and fraud
Generating aggregated, anonymized reports on service usage

3.3 Marketing and Promotional Communications

Sending promotional emails, newsletters, and special offers (where you have provided consent or where permitted under applicable law)
Displaying personalized advertisements on our platform or third-party sites
Conducting surveys to understand customer preferences
Notifying you of new menu items, seasonal specials, and loyalty rewards

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any email we send, or by contacting us at [email protected].

3.4 Legal and Compliance Purposes

Complying with applicable federal and state laws and regulations
Responding to lawful requests from government authorities
Enforcing our Terms of Service and other agreements
Protecting our legal rights and interests
Detecting, investigating, and preventing fraudulent or illegal activity

3.5 Security and Fraud Prevention

Verifying user identities and preventing unauthorized access
Monitoring for suspicious account activity
Protecting the security of our website and systems
Preventing chargebacks and payment fraud

4. Sharing Your Information with Third Parties

We do not sell your personal information to third parties. However, we may share your information in the following circumstances:

4.1 Service Providers and Business Partners

We work with trusted third-party companies that help us operate our business and provide services to you. These service providers may have access to your personal information only to the extent necessary to perform their services and are contractually obligated to protect your information. These partners include:

Payment processors — to securely handle credit card and payment transactions
Delivery and logistics providers — to fulfill and coordinate your food orders
Cloud hosting and IT service providers — to store and manage our website and data infrastructure
Email and marketing platforms — to send communications on our behalf
Analytics providers (e.g., Google Analytics) — to help us understand website usage and improve performance
Customer support tools — to manage and respond to customer inquiries

4.2 Legal Requirements and Law Enforcement

We may disclose your personal information when we believe in good faith that such disclosure is required or permitted by law, including:

In response to a subpoena, court order, or other legal process
To comply with applicable federal, state, or local laws
To cooperate with law enforcement or government agency investigations
To protect the safety and security of our customers, employees, or the public

4.3 Business Transfers

In the event of a merger, acquisition, sale of assets, bankruptcy, or other corporate restructuring, your personal information may be transferred to the successor entity. We will notify you via email or prominent notice on our website before your data is transferred and becomes subject to a different privacy policy.

4.4 With Your Consent

We may share your information with additional third parties when you have provided explicit consent for us to do so, for example when you participate in joint promotional campaigns or refer a friend programs.

4.5 Aggregated and Anonymized Data

We may share aggregated, de-identified, or anonymized information that cannot reasonably be used to identify you with third parties for marketing, research, or analytical purposes.

5. Data Security

We take the security of your personal information seriously and implement a range of technical, administrative, and physical safeguards designed to protect your data from unauthorized access, disclosure, alteration, or destruction.

5.1 Technical Safeguards

SSL/TLS encryption for all data transmitted between your browser and our website
Encryption of sensitive data stored in our databases
Firewalls and intrusion detection systems
Secure, access-controlled server environments
Regular security audits and vulnerability assessments

5.2 Administrative Safeguards

Role-based access controls limiting employee access to personal data
Employee training on data privacy and security best practices
Internal data governance policies and procedures
Confidentiality agreements with staff and contractors

5.3 Payment Security

All payment transactions are processed through PCI DSS-compliant payment gateways. We do not store full payment card information on our servers. Sensitive payment data is tokenized and encrypted throughout the transaction process.

5.4 Limitations

Please Note: While we implement robust security measures, no method of data transmission or storage is 100% secure. We cannot guarantee absolute security of your information. In the event of a data breach that affects your rights and freedoms, we will notify you and relevant authorities as required by applicable law.

6. Your Privacy Rights

Depending on your location within the United States, you may have specific rights regarding your personal information. We are committed to honoring these rights and responding to your requests in a timely manner.

6.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)

If you are a California resident, you have the following rights under the CCPA as amended by the CPRA:

Right to Know: You have the right to request information about the categories and specific pieces of personal data we have collected about you, the sources of that data, our business purposes for collecting it, and the categories of third parties with whom it is shared.
Right to Delete: You have the right to request that we delete your personal information, subject to certain exceptions permitted by law (e.g., completing a transaction, security purposes, legal obligations).
Right to Correct: You have the right to request that we correct inaccurate personal information we hold about you.
Right to Opt-Out of Sale or Sharing: We do not sell your personal information. However, if you believe your data has been shared for cross-context behavioral advertising, you may opt out.
Right to Limit Use of Sensitive Personal Information: You have the right to limit our use of sensitive personal information to only what is necessary to provide the requested service.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights. This means we will not deny you services, charge you different prices, or provide a lesser quality of service because you exercised your rights.

6.2 General Rights Available to All US Customers

Access: Request access to the personal information we hold about you
Correction: Request correction of inaccurate or outdated personal information
Deletion: Request deletion of your personal information, subject to applicable legal requirements
Data Portability: Request a copy of your data in a structured, machine-readable format
Opt-Out of Marketing: Unsubscribe from marketing communications at any time
Withdrawal of Consent: Withdraw consent for data processing activities that are based on your consent

6.3 How to Exercise Your Rights

To exercise any of the rights described above, please contact us using one of the following methods:

Email: [email protected]
Website: wings-over.top

We will respond to verifiable consumer requests within 45 days of receipt. If we require additional time, we will notify you of the extension within the initial 45-day period. We may ask you to verify your identity before processing your request to protect your security and privacy.

You may designate an authorized agent to submit a request on your behalf. We will require written proof of authorization before processing requests made by an authorized agent.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, as described in this Privacy Policy, and to comply with applicable legal, regulatory, or business requirements.

Type of Data	Retention Period
Account information	For the duration of your account, plus 3 years after account closure
Order and transaction records	7 years (for tax and accounting purposes)
Customer support communications	3 years from the date of last interaction
Marketing preferences and consent records	Until you withdraw consent, plus 3 years
Website usage and analytics data	24 months from collection
Cookie data	As specified in our Cookie Policy (up to 24 months)
Legal claims and compliance records	As required by applicable law, typically up to 7 years

After the applicable retention period expires, we will securely delete or anonymize your personal information in accordance with our internal data governance procedures.

8. Children's Privacy

Age Requirement: Our website and services are intended for users who are 18 years of age or older. We do not knowingly collect personal information from children under the age of 13, and we do not direct our services to minors.

We are committed to complying with the Children's Online Privacy Protection Act (COPPA) and other applicable laws protecting children's privacy. Our website is not directed to individuals under the age of 13, and we do not knowingly collect personal information from children under 13 without verifiable parental consent.

If you are a parent or guardian and believe that your child under the age of 13 has provided personal information to us without your consent, please contact us immediately at [email protected]. Upon verification, we will promptly delete the child's information from our records.

Users between the ages of 13 and 17 should only use our website and services with the involvement and consent of a parent or legal guardian. By using our services, you represent and warrant that you are at least 18 years of age, or that you are the parent or guardian of a minor using our services with your consent.

9. Cookie Usage

We use cookies and similar tracking technologies to enhance your experience on our website. Cookies are small text files placed on your device when you visit a website.

9.1 Types of Cookies We Use

Strictly Necessary Cookies: Essential for the website to function properly. These cookies enable core functionality such as page navigation, secure login, and shopping cart features. They cannot be disabled.
Performance and Analytics Cookies: Help us understand how visitors interact with our website by collecting and reporting information anonymously. We use tools like Google Analytics to gather this data.
Functional Cookies: Allow us to remember your preferences (such as language settings, saved delivery addresses, and food preferences) to provide a more personalized experience.
Targeting and Advertising Cookies: Used to deliver advertisements that are relevant to you and your interests. These may also be used to limit the number of times you see an advertisement and measure the effectiveness of advertising campaigns.

9.2 Managing Your Cookie Preferences

You can control and manage cookies through your browser settings. Most browsers allow you to refuse or delete cookies. However, please note that disabling certain cookies may affect the functionality of our website and your ability to use certain features.

For more detailed information about the cookies we use and how to manage your preferences, please refer to our full Cookie Policy available on our website at wings-over.top.

10. International Data Transfers

Wings Over is based in the United States, and your personal information is primarily collected, processed, and stored in the United States. However, in certain circumstances, we may transfer your personal information to service providers or partners located outside the United States.

When we transfer personal data internationally, we take steps to ensure that appropriate safeguards are in place to protect your information, including:

Entering into data processing agreements with third-party service providers that include appropriate data protection clauses
Ensuring that recipient countries provide an adequate level of data protection
Implementing technical and organizational security measures to protect transferred data

By using our website and services, you acknowledge and consent to the transfer of your personal information to the United States and potentially other countries, which may have different data protection laws than your home country.

11. Third-Party Links and Services

Our website may contain links to third-party websites, social media platforms, or embedded services (such as payment gateways or map services). This Privacy Policy does not apply to those third-party sites or services. We encourage you to review the privacy policies of any third-party sites you visit.

We are not responsible for the privacy practices or content of third-party websites. The inclusion of a link to a third-party website does not imply our endorsement of that site or its privacy practices.

We may integrate third-party tools including, but not limited to:

Google Analytics (website analytics)
Facebook Pixel (advertising and remarketing)
Payment gateways (e.g., Stripe, PayPal)
Google Maps (for delivery address and location services)

Each of these third parties has its own privacy policy governing the use of your information when you interact with their services. We recommend reviewing their respective privacy policies for more information.

12. Do Not Track Signals

Some web browsers offer a "Do Not Track" (DNT) feature that signals to websites that you do not want your browsing activity tracked. Currently, there is no universally accepted standard for how websites should respond to DNT signals. Our website does not currently alter its data collection and use practices in response to browser DNT signals.

California residents may also opt out of the sale or sharing of personal information as described under the California Consumer Privacy Act. Please see Section 6 of this policy for more information on exercising your CCPA rights.

13. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our business practices, legal requirements, or technological developments. When we make material changes to this policy, we will:

Update the "Last Updated" date at the top of this page
Notify you via email (if we have your email address on file)
Display a prominent notice on our website

Your continued use of our website and services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this policy periodically to stay informed about how we protect your information.

14. Filing a Complaint with a Data Protection Authority

If you believe that we have not handled your personal information in accordance with applicable privacy laws, you have the right to file a complaint with the appropriate regulatory authority.

14.1 Federal Level

In the United States, the Federal Trade Commission (FTC) enforces consumer privacy and data protection laws at the federal level. You can file a complaint with the FTC at:

Website: www.ftc.gov
FTC Complaint Portal: reportfraud.ftc.gov
Phone: 1-877-382-4357

14.2 California Residents

If you are a California resident and believe your rights under the CCPA/CPRA have been violated, you may file a complaint with the California Privacy Protection Agency (CPPA):

Website: cppa.ca.gov

You may also contact the California Attorney General's Office at oag.ca.gov.

14.3 Other State Residents

Residents of other states with applicable state privacy laws (including Virginia, Colorado, Texas, and others) may have the right to appeal decisions we make regarding their privacy requests, and may file complaints with their respective state attorney general's offices.

We encourage you to contact us directly first before filing a formal complaint, as we are committed to resolving any privacy concerns quickly and cooperatively.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data handling practices, please do not hesitate to contact our privacy team using the details below. We are committed to responding to all inquiries within a reasonable timeframe.

Company Name	Wings Over
Email	[email protected]
Website	wings-over.top
Location	United States

For privacy-specific requests such as data access, deletion, or correction, please email us with the subject line: "Privacy Request – [Your Name]" to ensure your inquiry is directed to the appropriate team member and processed promptly.

Response Time: We aim to respond to all privacy-related inquiries within 10 business days. For verifiable consumer requests under CCPA, we will respond within 45 days, with the possibility of a 45-day extension where necessary, with prior notice.

This Privacy Policy was last reviewed and updated on April 29, 2026. Wings Over reserves the right to amend this policy at any time in accordance with the terms described in Section 13.